spring security 安全框架
前言
spring security 为网站提供安全
有两个功能: 认证(Authentication)我即我 和授权(Authorization)
同类框架 Shiro,
原始的认证和授权方式,使用拦截器实现认证和授权
hello小案例
目录结构
setting.gradle
build.gradle
src/main/java/test/Run.java
src/main/java/test/TestController.java
src/main/java/resources/application.yml
代码
setting.gradle
rootProject.name = 'demo'
build.gradle
plugins {
id 'org.springframework.boot' version '2.2.7.RELEASE'
id 'io.spring.dependency-management' version '1.0.9.RELEASE'
id 'java'
}
group = 'com.example'
version = '0.0.1-SNAPSHOT'
sourceCompatibility = '1.8'
repositories {
maven { url 'https://maven.aliyun.com/repository/public/' }
maven { url 'https://maven.aliyun.com/repository/spring/'}
mavenLocal()
mavenCentral()
}
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-security'
implementation 'org.springframework.boot:spring-boot-starter-web'
testImplementation('org.springframework.boot:spring-boot-starter-test') {
exclude group: 'org.junit.vintage', module: 'junit-vintage-engine'
}
testImplementation 'org.springframework.security:spring-security-test'
}
test {
useJUnitPlatform()
}
添加重点依赖
implementation 'org.springframework.boot:spring-boot-starter-security'
入口类RUN.java
package test;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class RUN {
public static void main(String[] args) {
SpringApplication.run(RUN.class,args);
}
}
控制类TestController.java
package test;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;
@Controller
public class TestController {
@GetMapping("/")
@ResponseBody
public String index(){ return "成功登录";}
}
基本操作
1.运行程序,并查看运行日志,注意Using generated security password:
这个后面的密码
gradle spring-boot:run
2.打开浏览器输出下面网站,出现默认的登录界面
http://127.0.0.1:8080/login
3.在浏览器输入账号,日志的密码,出现下面的结果